The Telecom Italia Mobile (or TIM) web portal is susceptible to cross site scripting attacks.
a348cafb30a75dec51c8f4b4936a2d2606e72cc9940ef953da0e7eb96f8327d7Secunia Security Advisory - A vulnerability with unknown impact has been reported in various Hitachi products.
b82f34f8c0bf0703c5570a6819d77753acd69bee35b15163cb1aa2e9edd76f1dSecunia Security Advisory - FiSh has discovered a vulnerability in CMScout, which can be exploited by malicious users to conduct SQL injection attacks.
c5431ea2023cb413394602c568788a1a67dc8f3e1a07aa0f3d6f4feb94423536Secunia Security Advisory - A vulnerability has been reported in the Drupal LoginToboggan module, which can potentially be exploited by malicious users to conduct script insertion attacks.
9d140e40c851a5649f38f55c9f7171baac2048dc0bebfc2962380a95615bf9a0Secunia Security Advisory - Justin Seitz has discovered a vulnerability in Ipswitch WS_FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
da257a69dc6a598bb09775bc35c4420d26789d146907d369cceb956762194225Secunia Security Advisory - A vulnerability has been reported in Hitachi TP1/Server Base, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).
67914994898ecb3eafd438b06410619cd72bb4f704efe1b206590bfadebef1dbSecunia Security Advisory - Brad Hill has reported a vulnerability in IAIK XSECT, which can be exploited by malicious people to compromise a vulnerable system.
45e7d2de521776cbc954893836c4fe1d0f812102e813ab2bb152d9eb3461c6b8Secunia Security Advisory - A vulnerability has been reported in Hitachi JP1/NETM/DM Manager, which can be exploited by malicious users to conduct SQL injection attacks.
3a13db549908c00c1ce0e169925019f05b879af5eafdf2af35600a3ab2ab0eacSecunia Security Advisory - RedTeam Pentesting has reported some vulnerabilities in activeWeb contentserver, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, or conduct SQL injection and script insertion attacks, and by malicious people to conduct cross-site scripting attacks.
12de3c120c2838d0c38b09ea7b0a6af307eebd7c129f2b655034007507a337bcSecunia Security Advisory - Marc Ruef has reported a vulnerability in SiteScape Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
47b08eb8ad6bf2fb4193f8ce61d5ab6ce617b27f1c5e0e6c534f7839e0ed625aSiteScape Forum versions prior to 7.3 suffer from an input validation flaw that allows for arbitrary javascript insertion.
093f753a1723a404dac3f95d19723da79cf687420ced67ae4808de6b3d6f4f12CMScout versions 1.23 and below suffer form a SQL injection vulnerability.
78901c2218b5dbc2c3a3e8e9ba1a45cd1fac94b5f913a165fea8acadcc340623MKPortal NoBoard BETA is susceptible to a remote file inclusion vulnerability.
f2b2ea60c1de9a077658660c8ee5d212f623195ce8d307713a9a895b708b682biSEC Partners and Brad Hill are pleased to announce the availability of a new whitepaper describing design flaws and new attacks against the XML Digital Signature and XML Encryption standards. It accompanies recent advisories and provides detailed guidance for auditors and implementers of these products.
d1dc0e0eba7d2772f21a6e694c7c6e93f94a1e02a6befdfb4d6b0aa21027dcd3Technical Cyber Security Alert TA07-193A - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Apple QuickTime version 7.2 resolves these vulnerabilities.
7151e24a15f1b2853a7d7b1145405afa88ab234c7e7f2404ce4d352587d78f6fiDefense Security Advisory 07.12.07 - Local exploitation of a race condition vulnerability in Red Hat Inc.'s Enterprise Linux init.d XFS script allows an attacker to elevate their privileges to root. iDefense has confirmed the existence of this vulnerability in Red Hat Enterprise Linux version 4, and Fedora Core 6. Other versions may also be affected.
2666c40511f0350e401c36cdc9f97d433ab4c36b57b8e529c7c0a2a02b5b980cFreeBSD Security Advisory - Several problems have been found in the libarchive code used to parse the tar and pax interchange formats. These include entering an infinite loop if an archive prematurely ends within a pax extension header or if certain types of corruption occur in pax extension headers, dereferencing a NULL pointer if an archive prematurely ends within a tar header immediately following a pax extension header or if certain other types of corruption occur in pax extension headers, and miscomputing the length of a buffer resulting in a buffer overflow if yet another type of corruption occurs in a pax extension header.
b38942f713cc47fbfb1b3c24182ba24175fea8220d4abee0c036c12cbc41e014G-Mail POP3 brute forcing script written in Python.
4bbed3e7608156906abf7307fafe70e83bbaa95e9e13a1b54bc072157549fae3SecureBlackBox arbitrary data write exploit that makes use of PGPBBox.dll version 5.1.0.112.
a351baa65c3b6793b7d636dd8b364794e2bfce2f28760c05fd3b903dd889f435Symantec Norton Security suffers from a local privilege escalation vulnerability in symTDI.sys. Exploit included.
346b36e57180712961f94ec561d4f025aa38510cab65289c24d7891db2570bf7MkPortal versions 1.1.1 and below reviews and gallery modules remote SQL injection exploit.
39a888b115eee0cb9f0c89f7ea7b1ab4bcd02467b6cab0bf724ace0eb6b19737PsNews version 1.1 suffers from a local file inclusion vulnerability in show.php.
f9e9bb0aaed6591da5047f58c15869360ad6e3c3b6514b41f7b468102d0aab69PHP version 5.2.3 bz2 com_print_typeinfo() remote denial of service exploit.
de4334b1c30d3638299b21bdc858f3c57b2f9e67941bb4c6769b7e9649a85a07The Evolutionary Fuzzing System (EFS) is a fuzzer that attempts to eliminate traditional fuzzer techniques of building a new fuzzer for each protocol by dynamically learning a protocol using code coverage and other feedback mechanisms.
25c9e9a281636d9be7f0216bfa0eb37beca0ff7dc82ae2e3f00832e4c0cb964dGPF is a fuzzer that provides developers, security researchers, and quality assurance professionals the capability to quickly search for bugs/vulnerabilities in the exposed interface of networked applications. GPF uses captured packet sessions (from libpcap) to construct a protocol description from real traffic. Users can then configure various types of injected faults, manually modify the capture file, and define custom functions to deal with dynamic data.
9597f83a0a3b35e591f9e0d360e8589e6157a42ff347d071a12df55d00355a2d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed